<?php   

   //Adds the connection file to log/connect to the Database
   //include ('dbVariables.php');
   //include ('dbConfig.php');

   //Manual SQL COnnection
   $con = mysql_connect("localhost", "root", "root") or die ( "Error connectiong to DB: ".mysql_error());
       
   mysql_select_db("reeferslog", $con) or die ( "Error selecting specific DB, reefeerslog: ".mysql_error());
   
   $username = $_POST['username'];
   $password = $_POST['password'];
   
   //Prevent SQL injection
   $username = stripslashes($username);
   $password = stripslashes($password);
   $username = mysql_real_escape_string($username);
   $password = mysql_real_escape_string($password);  
   
   //SQL Query to validate log in
   $login_query = "select user_id from users where username='$username' and password='$password'";   
                
   //Execution of query
   $result = mysql_query($login_query);
   
   $uid = mysql_fetch_assoc($result); //gets user id

   //Checks for number of returned rows from mysql
   $count=mysql_num_rows($result);
   
   if($count ==1){
   // Register session variables and redirect to file "WelcomePage.php"
   session_register("username");
   session_register("password");
   session_register("uid");
   
   $_SESSION['uid']= $uid['user_id']; //user id session variable
   $_SESSION['usernname']= $username; //username session variable
   
   header("location:./../WelcomePage/WelcomePage.php"); 
   }
   else 
   {
    echo "Wrong Username or Password</br>";
    echo "</br></br>";
    echo "Click here to return to the "; 
    echo '<a href="./../index.php" title="Login">Login Page</a></br></br>';
    echo "Or sign up using this link ";
    echo '<a href="./Registration/registration.html" title="Registration">Registration Page</a>';
   }
?>
